An indispensable source of reference for anyone concerned with computer security, the Bulletin is the forum through which leading security researchers publish the latest security research and information in a bid to share knowledge with the security community. Publications cover the latest threats, new developments and techniques in the security landscape, opinions from respected members of the industry, and more. The Bulletin archives offer informative articles going back to 1989. Our editorial team is happy to hear from anyone interested in submitting a paper for publication.
Ankit Anubhav (FireEye)
Manish Sardiwal (FireEye)
Exploits for the CVE‑2016‑0189 vulnerability offer both reliability and complexity, so it is little wonder that it was the most commonly exploited vulnerability in 2016. Ankit Anubhav traces the journey and evolution of the 'God Mode' exploitation…
Read moreYaniv Balmas (Check Point Software Technologies)
Ben Herzog (Check Point Software Technologies)
This VB2016 paper surveys selected recent case studies of unfortunate cryptographic implementations in malware. When considered together, these examples illustrate a picture of design anti-patterns that is either worrying or encouraging, depending on…
Read moreJaime Lyndon 'Jamz' A. Yaneza (Trend Micro)
At the start of 2004, Jamz Yaneza reflected on the year just ended and pondered what 2004 would have in store for the AV industry.
Read moreRobert Simmons (ThreatConnect)
The landscape of open source malware analysis tools improves every day. A malware analysis lab can be thought of as a set of entry points into a tool chain. The main entry points are a file, a URL, a network traffic capture, and a memory image. This…
Read moreAlexander Chailytko (Check Point Software Technologies)
Aliaksandr Trafimchuk (Check Point Software Technologies)
Consider the following situation: at the beginning of our research we have an empty IDA database and binary code without labels and comments in Olly. After some dynamic analysis we will name a few functions. If, for some reason, an analysis is…
Read moreAbhishek Singh (Acalvio)
The impact of a malware infection can be increased by applying ‘lateral movement’: spreading the infection from the original infected device to other devices within the same network. This paper shares the technical details of some of the most common…
Read moreJames Wolfe (Lockheed Martin Corporation)
"Most of you reading this article have the technical skill but do you have the people skills?" In 2000, James Wolfe urged security experts to sell themselves and their services.
Read moreAliaksandr Chailytko (Check Point)
Stanislav Skuratovich (Check Point Software Technologies)
This VB2016 paper focuses on the techniques used by malware to detect virtual environments, and provides detailed technical descriptions of what can be done to defeat them.
Read moreJuan Andrés Guerrero-Saade (Kaspersky Lab)
Brian Bartholomew (Kaspersky Lab)
This VB2016 paper takes a comprehensive look at the current state of attribution in targeted attack research and at deliberate attempts by the adversary to obstruct this process. The paper includes common bases for attribution, practical and…
Read moreStephen Cobb (ESET)
This VB2016 paper addresses a number of increasingly urgent questions about the defence of information systems against criminal hackers, the first of which is: can the world produce enough appropriately skilled human defenders of digital systems to…
Read more